[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: source file audit - 2007-10-17



On 19.10.2007 22:01, Kevin Fenzi wrote:
> 
> - Should I keep running this? Do folks find it useful? 

You IMHO not -- we instead should put up a xen instance somewhere where
this and similar scripts get regularly started by cron.

BTW, sorting the list by owner's username would make finding the
packages that are owned by me a little bit easier IMHO.

> - Should I try and spam maintainers? Or just keep posting in the list?

I suppose list once a week and maintainers as well.

> [...]
> Lines in the output are of three forms: 
> [...] 
> - BADSOURCE:$SOURCENAME:$PACKAGENAME
> 
> This means that the source was downloaded ok from the upstream site,
> but doesn't match the md5sum given in the sources file. 
> This could be due to needing to strip out content that fedora cannot
> ship (but in that case you shouldn't have the full URI in the Source
> line). Or upstream following poor release practices and updating
> without changing their release.
> [...] 
> thl:BADSOURCE:CHANGELOG:rss2email

Hmmmm:

diff -u CHANGELOG.from_CVS CHANGELOG.freshly_downloaded
--- CHANGELOG   2007-03-26 09:48:51.000000000 +0200
+++ CHANGELOG.old       2006-08-25 20:36:11.000000000 +0200
@@ -119,7 +119,7 @@
 </ul>

 <p class="dateline"><span style="border: 1px solid #c3d9ff;
padding-left: 4px; ">
-    last updated 6 months ago
+    last updated 1 year ago
     <a href="/CHANGELOG">#</a>
 </span>
 </p>


Tracking such stuff seems not worth the trouble to me. Should we
blacklist this specific file? Or does anybody have a better idea
(besides converting upstream to put a proper changelog somewhere that
doesn't have unnecessary dynamic updates)?

CU
knurd


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]